Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
286
Views
0
Helpful
3
Replies

Design Question

kevin.hu
Level 3
Level 3

‎12-21-2005 12:09 PM - edited ‎03-03-2019 11:17 AM

We have a private WAN network infrastructure with many circuits all across the country. There is one company that has a lot of sites co-located with us, but they have their own private WAN network. However, they can save money by using our private WAN network. So, essentially I will become their service provider. How do I separate their traffic from our traffic? My idea is to use DMVPN for their sites. Do I need to configure my routers to do the routing for them? What kind of solution or options do I have? Can I use MPLS VPN as one solution? How do I carve out a portion of bandwidth and just dedicated to them? Thank you so much in advance.

Labels:
0 Helpful
3 Replies 3

mheusinger
Level 10
Level 10

‎12-21-2005 03:52 PM

Hi,

with DMVPN you need to route the VPN gateway addresss but not the other companies internal networks. Those would be withing the tunnels.

You could also go for MPLS VPN ... given the proper hardware and software supporting this AND you knowing what you are doing. Don´t underestimate the complexity. It´s not rocket science, but needs proper thoughtful design and understanding of the features and knobs.

Bandwidth "carving" is a QoS related question. Today DiffServ is used and you could use shaping and CBWFQ to give some guarantees. Be aware however that this is not a strict guarantee like a T1, which gives you always exact the same.

Hope this helps

Martin

P.S.: Be extremely careful when defining your SLAs ... customers have a tendency to push the SP to the limit of their contract (which you can only find out by trying to push OVER the limit ;-)

Ok. Just kidding. Good Luck!

0 Helpful

kevin.hu
Level 3
Level 3
In response to mheusinger

‎12-22-2005 07:41 AM

Thank you very much Martin to give me some idea. This brings another question. What advantages do MPLS VPN give me over IPsec VPN? We are not going to become a service provider and start taking in customers. Therefore if we go for MPLS, that means expensive hardware upgrade and lenthy network design.

0 Helpful

mheusinger
Level 10
Level 10
In response to kevin.hu

‎12-22-2005 07:48 AM

Hi,

MPLS VPNs have many nice features for a SP taking many customers. In your case I would say you just might have a look at "Multi-VRF" (aka vrf-lite) feature. No MPLS, no expensive hardware and no performance degrading encryption needed, but "clean" separation of IP routing domains.

Hope this helps

Martin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card